The People’s Liberation Army’s Unit 61398, provided that security firm Mandiant has its facts straight – and few outside the Chinese government think they do not – has broken into computer systems of larger American corporations, and key infrastructure elements.

The Chinese government has pushed back against the report, stating that hacking is illegal, it doesn’t take part in it, and that the United States is aggressively invading its computing systems. That doesn’t seem unlikely, but no report such as the Times’ publishing of Mandiant’s claims has been put forth.

The AP’s report specifically details “fines, penalties and other trade restrictions as initial, more-aggressive steps” that may be taken, in the wake of the report.

It’s one thing to have sporadic incidents, but that the Chinese military has a unit in place that invades companies such as Coca-Cola when it is in negotiations with Chinese interests demonstrates that such incursions are commonplace. The United States has long butted heads with China over intellectual property and knock-off goods.

Cybersecurity legislation, the sort of thing designed to prevent this sort of issue, has been festering in Congress for some time now. The House, in a fit of backwards-thinking, reintroduced the Cyber Intelligence Sharing and Protection Act (CISPA) without new provisions for consumer privacy. That bill was flat ignored in the Senate, and had a veto-threat hung around its neck. The President has issued a lengthy cybersecurity executive order, but it has limited purview.

In short, from the perspective of staving off more such attacks, the United States is talking some and doing nothing. However, the government might increase the size of the stick and the frequency of its swing in formally responding to cyberattacks. China’s response will be a key indicator to watch.